Has anyone attempted to log dropped packets to syslog from a virtual router for troubleshooting purposes? I have been unsuccessful in my attempts to modify iptables rules to get this working. Modifying iptables causes my virtual router to lock up. Ultimately, I'd like to be able to modify iptables to send dropped packets to an external syslog server for troubleshooting. This wouldn't be permanent, only implemented to troubleshoot and then tear down upon identifying a possible router/firewall issue. Thanks.
Brandon Arms
